[Cake] triple flow isolation

Sebastian Moeller moeller0 at gmx.de
Mon Jan 18 11:20:39 EST 2016


Hi Jonathan,

On January 18, 2016 10:37:35 AM GMT+01:00, Jonathan Morton <chromatix99 at gmail.com> wrote:
>
>> On 18 Jan, 2016, at 11:21, moeller0 <moeller0 at gmx.de> wrote:
>> 
>> Am I right to assume that dust and src host isolation works with the
>same counters but simply ignores one of them?
>
>Yes.  That’s explicit in the code.

        Thanks, as I am on the road since Sunday morning, I could not check the code easily.

>
>> So if all internal hosts talk to one external host, does this scheme
>then equal pure per-flow fairness? I am trying to understand how robust
>triple-iso is going to be against attempt at shenanigans by unruly
>machines on the internal/external networks…
>
>No.  If there is only one host on one side (whichever side that happens
>to be), then maintaining per-host fairness for that side is trivial. 
>The algorithm will instead maintain per-host fairness for the other
>side. This derives from the fact that it also maintains per-host
>fairness within traffic to each individual host.  Per-flow fairness is
>also still maintained within individual host-pairs.
>
>My measurements show that this aspect of the isolation is not perfect. 
>There is still some influence from the number of flows, which biases
>the actual throughput slightly from ideal per-host fairness.  This bias
>is however *much* smaller than pure per-flow fairness would be, and
>I’ve been unable to come up with a robust way of eliminating it
>entirely.

        Question: does this slight imperfection only exist for the two ,*_host settings as well? 

>
>Hence I think it’s reasonable to simply switch on triple isolation by
>default, in the near future.  It does approximately the right thing,
>without further configuration, in the great majority of practical cases
>(that I can think of), and to a greater extent than the existing
>“flows” mode does.

        Not that it matters much, but I agree, if triple-iso does work good enough and does not have any too nasty corner cases it should be the default... People requiring stricter control can always use src_ host or dst_host if they are not happy with the default I would argue...


>
>I think that might also be a good time to overhaul the documentation
>and do some other overdue cleanup.


        +1 especially for the documentation overhaul ;)

Best Regards
        Sebastian
>
> - Jonathan Morton

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.


More information about the Cake mailing list